A Cybercriminal Sentenced to 8 Years in Prison for Operating SSNDOB Dark Web Marketplace
Read also: the US sanctions the Sindbad crypto mixer, a “serial” scammer sentenced to 8 years in prison, and more.
Thursday, November 30, 2023
An admin of the SSNDOB cybercrime market that sold stolen personal data sentenced to 8 years in prison
A Ukrainian national received an 8-year prison sentence for operating SSNDOB, an infamous dark web marketplace, which was one of the biggest sellers of stolen information.
The cybercriminal platform was dismantled in June 2022 as part of an international law enforcement operation, with several of its domains seized. According to the US Department of Justice, the dark web data broker offered for sale personally identifiable information (PII), including email addresses, passwords, credit card numbers and in the case of the US citizens Social Security numbers. The platform is estimated to have made more than $19 million in sales revenue.
The site’s administrator, Vitalii Chychasov, 37, was arrested in March 2022 in Hungary and was extradited to the US in July of the same year. A second SSNDOB Marketplace administrator, Sergey Pugach, was apprehended in May 2022.
In July 2023, Chychasov pleaded guilty to access device fraud and trafficking in unauthorized access devices relating to his administration of SSNDOB. In addition to his prison sentence, Chychasov will forfeit $5 million of illicit gains and the SSNDOB Market domains (Blackjob.biz, SSNDOB.club, SSNDOB.vip, and SSNDOB.ws).
Request your free demo now and talk to our experts.
The US seizes the Sindbad crypto mixer used by Lazarus hackers to launder millions of dollars obtained from crypto heists
The US law enforcement authorities in cooperation with the Dutch Financial Intelligence and Investigation Service have seized the website of the Sindbad crypto mixer allegedly used by cybercriminals, including the well-known North Korean state-backed cybercrime group Lazarus, to launder money obtained through illicit activities.
Simultaneously, the US Department of the Treasury’s Office of Foreign Assets Control (OFAC) announced sanctions against Sindbad, accusing it of aiding Lazarus in laundering assets stolen in high-profile crypto heists.
Sindbad is believed to be a successor to the virtual currency mixer Blender.io sanctioned by the US in May 2022 for assisting Lazarus in money laundering.
The OFAC alleges that the North Korean threat actors used Sindbad to launder a significant portion of cryptocurrency stolen in the $100M Atomic Wallet hack, the $620M Axie Infinity crypto heist, and the $100M Horizon Bridge theft.
“Serial” cyber scammer gets 8 years in prison for SIM swapping, account hacks
A prolific scammer has been sentenced to 96 months in federal prison for perpetrating multiple fraud schemes, including SIM swapping and social media account takeovers.
Between April 2019 and February 2023, Amir Hossein Golshan, of Los Angeles, executed a range of cyber scams, causing approximately $740,000 in losses to hundreds of victims. In one instance Golshan hijacked an Instagram account of a Los Angeles-based model and influencer using SIM swapping. He then coerced the victim's friends into sending him money through various online platforms, totaling thousands of dollars.
Golshan also advertised fake Instagram services, carried out Zelle fraud schemes and impersonated Apple Support personnel, tricking victims into revealing sensitive information and gaining unauthorized access to their Apple iCloud accounts. Using this access he stole NFTs, cryptocurrency, and other valuable digital assets.
In July 2023, Golshan pleaded guilty to unauthorized access to a protected computer, wire fraud, and accessing a computer to defraud and obtain value. In addition to the prison sentence, the scammer was ordered to pay $1,218,526 in restitution.
Ransomware hackers behind attacks on large companies cuffed in Ukraine
Law enforcement authorities in Ukraine in cooperation with EU and the US police agencies have neutralized a prolific ransomware group that has attacked hundreds of large enterprises worldwide encrypting their servers and demanding millions in ransom payments.
The group, which has been in operation since 2018, used LockerGoga, MegaCortex, HIVE, Dharma and other ransomware to encrypt corporate servers. The hackers gained access to the target networks via compromised employees’ accounts and deployed malicious code within the victim environment. Once in the network, the group used tools such as TrickBot malware, Cobalt Strike, and PowerShell Empire to move laterally and compromise other systems before deploying ransomware payload.
Since the beginning of their operation, the group encrypted over 1000 servers belonging to large corporations, causing over $82 million in losses. In one case, the attackers demanded 450 Bitcoin in ransom from an unnamed major chemical company based in the Nethrlands, Ukraine’s police said in a press release.
The police officers conducted searches at 30 locations in the regions of Kyiv, Cherkasy, Rivne and Vinnytsia (Ukraine) and arrested five key members of the group, including its 32-year-old headman.
A Nigerian politician arrested over crypto wallet heist
An official has been detained in Nigeria in connection to the May 2023 breach of a local cryptocurrency trading company Patricia Technologies resulting in customer fund loss.
According to the Nigerian Police Force (NPF), Wilfred Bonse, a Nigerian politician who initially ran for the governorship position in the last election as a member of the People's Democratic Party (PDP), allegedly helped to launder 50 million naira ($62,368) out of 607 million naira ($757,151) stolen from Patricia's account on Flutterwave and transferred to his personal bank account through a crypto wallet.
The police said it made significant progress on the case, which is said to have involved criminal conspiracy, unauthorized modification of computer systems, network data, and the unlawful diversion of funds amounting to over 200 million naira. Other suspects in the case remain at large.
What’s next:
- Join our upcoming webinars
- Follow ImmuniWeb on Twitter, LinkedIn and Telegram
- Explore 20 use cases how ImmuniWeb can help
- Browse open positions to join our great Team
- See the benefits of our partner program
- Request a demo, quote or special price
- Subscribe to our newsletter
Key Dutch has been working in information technology and cybersecurity for over 20 years, starting his first job with Windows 95 and dial-up modems. As the Editor-in-Chief of our Cybercrime Prosecution Weekly blog series, he compiles the most interesting news about police operations against cybercrime, as well as about regulatory actions enforcing data protection and privacy law. 
